[
https://issues.apache.org/jira/browse/SSHD-1215?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17426604#comment-17426604
]
Thomas Wolf commented on SSHD-1215:
-----------------------------------
There is no reason to shout.
Your proposed "fix" alone is definitely _not_ correct; it breaks transferring
data when {{StfpClient.open(path, OpenMode.Write, OpenMode.Create,
OpenMode.Append);}} is used. Your proposed change would simply ignore the
ACE4_APPEND_DATA desired-access flag.
There is clearly an overlap between SSH_FXF_APPEND_DATA and the NFS-style
access flag ACE4_APPEND_DATA, and it is not clear from the draft RFCs how this
should be handled. Is including SSH_FXF_APPEND_DATA but not ACE4_APPEND_DATA
allowed or not? Is including ACE4_APPEND_DATA but not SSH_FXF_APPEND_DATA
allowed or not, and does this mean "append" mode or not?
Apache MINA sshd apparently is a bit inconsistent here. For SFTP version >= V5,
{{AbstractSftpClient}} sets only ACE4_APPEND_DATA, but not SSH_FXF_APPEND_DATA.
On the server side, {{FileHandle.getOpenOption()}} does not consider
ACE4_APPEND_DATA at all. The translation of flags from pre-V5 to >=V5 flags in
{{AbstractSftpSubsystemHelper.doOpen()}} translates SSH_FXF_APPEND to setting
both the SSH_FXF_APPEND_DATA open flag and the ACE4_APPEND_DATA desired-access
flag.
Essentially it boils down to the question of what the translation given in the
[RFC draft
13|https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-13] means:
{quote}
O_APPEND
desired-access = WRITE_DATA|WRITE_ATTRIBUTES|APPEND_DATA
flags = SSH_FXF_APPEND_DATA and or SSH_FXF_APPEND_DATA_ATOMIC
{quote}
Does this mean desired-access _and_ flags must contain these bits, or does it
mean desired-access _or_ flags contain these bits?
The draft RFC is also silent on the question of what a server should do if the
desired-access flags are inconsistent with the open flags.
Clear is only that in POSIX, opening a file with O_WRITE | O_CREAT | O_APPEND
is allowed and has a meaning.
Given that:
* a current Apache MINA sshd SFTP client, for SFTP version >= V5, assumes that
ACE4_APPEND_DATA alone is sufficient to get "append" mode, and
* WinSCP apparently also behaves that way,
I think implementing _"or"_ is the correct and safe way: "append" mode should
be used if SSH_FXF_APPEND_DATA _or_ ACE4_APPEND_DATA are set (and the other
flags are such that it makes sense at all, i.e. write access).
But that means that the real problem you are experiencing is not one of which
flags are set (despite the aforementioned minor inconsistencies in Apache MINA
sshd), but that there might be something amiss with "ignoring the given offset
in append mode", or that your front-end does something wrong.
Therefore we need a test case that exhibits your precise problem first.
(Even just making the flag handling a bit more consistent in Apache MINA sshd
would require more tests for the "append" case in our test suite.)
> WinsCP transfer failure to Apache SSHD Server
> ---------------------------------------------
>
> Key: SSHD-1215
> URL: https://issues.apache.org/jira/browse/SSHD-1215
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 2.6.0
> Reporter: Roberto Deandrea
> Priority: Blocker
> Attachments: logs.zip
>
>
> Hi
> I have a failure transferring small files from a WinSCP SFTP client version
> 5.19.2 to a front-end Apache SSHD Server 2.6.0.
> The front-end Apache SSHD server is configured with a Filesystem built upon
> SFTPFileSystemProvider to proxy files to an Apache SSHD back-end server.
> WinSCP SFTP transfer files successfully directly to back-end Apache SSHD
> Server.
> I traced the SFTP file transfer on the front-end server and back-end server
> and it seems that something get wrong in the remote FileSystem set on the
> front-end server.
> From traces it seems that the first chunk of file is received correctly by
> the back-end server, but something is wrong on the second chuck of file
> transmitted.
> -------------------------------------------------------------------------------------------------------------------------
> First SSH_FXP_WRITE chunk received from front-end server :
> [16/09/21 09:18:26:364 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.server.AbstractSftpSubsystemHelper 1 process
> process(ServerSessionImpl[allfuser1@/172.18.202.33:55400])[length=32757,
> type=SSH_FXP_WRITE, id=19718] processing
> [16/09/21 09:18:26:364 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.server.SftpSubsystem 3 doWrite
> doWrite(ServerSessionImpl[allfuser1@/172.18.202.33:55400])[id=19718]
> *SSH_FXP_WRITE
> (handle=de6fcf635cb34b0e6d3d56643b7539a3[[/upload/rsa.key|https://issues.apache.org/upload/rsa.key]],
> offset=0, data=byte[32704])*
> First SSH_FXP_WRITE chunk sent by front-end SFTP client to back.end-server :
> [16/09/21 09:18:26:913 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.client.impl.DefaultSftpClient 3 send
> send(SftpChannelSubsystem[id=0,
> recipient=0]-ClientSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:6471][sftp])
> cmd=SSH_FXP_WRITE, len=32752, id=139
> [16/09/21 09:18:27:010 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.client.impl.AbstractSftpClient 3 checkResponseStatus
> checkResponseStatus(SftpChannelSubsystem[id=0,
> recipient=0]-ClientSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:6471][sftp])[id=139]
> cmd=SSH_FXP_WRITE status=SSH_FX_OK lang= msg=
>
> First SSH_FXP_WRITE chunk received succesfully from back-end server :
> [16/09/21 09:18:27:007 CEST] 00005c15 id=00000000
> org.apache.sshd.sftp.server.SftpSubsystem 3 doWrite
> doWrite(ServerSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:34445])[id=139]
> *SSH_FXP_WRITE
> (handle=c88cfd55dd514ccdd0428571191f5ea1[[/upload/rsa.key|https://issues.apache.org/upload/rsa.key]],
> offset=0, data=byte[32704])*
> [16/09/21 09:18:27:545 CEST] 00005c15 id=00000000
> org.apache.sshd.sftp.server.AbstractSftpSubsystemHelper 1 process
> process(ServerSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:34445])[length=32757,
>
> -----------------------------------------------------------------------------------------------------
> Second SSH_FXP_WRITE chunk received from front-end server:
> [16/09/21 09:18:27:012 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.server.AbstractSftpSubsystemHelper 1 process
> process(ServerSessionImpl[allfuser1@/172.18.202.33:55400])[length=32757,
> type=SSH_FXP_WRITE, id=19974] processing
> [16/09/21 09:18:27:013 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.server.SftpSubsystem 3 doWrite
> doWrite(ServerSessionImpl[allfuser1@/172.18.202.33:55400])[id=19974]
> *SSH_FXP_WRITE
> (handle=de6fcf635cb34b0e6d3d56643b7539a3[[/upload/rsa.key|https://issues.apache.org/upload/rsa.key]],
> offset=32704, data=byte[32704])*
>
> Second SSH_FXP_WRITE chunk sent by front-end SFTP client to back-end server:
> [16/09/21 09:18:27:473 CEST] 00000175 id=00000000
> org.apache.sshd.sftp.client.impl.DefaultSftpClient 3 send
> send(SftpChannelSubsystem[id=0,
> recipient=0]-ClientSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:6471][sftp])
> cmd=SSH_FXP_WRITE, len=32752, *id=141*
>
> Second SSH_FXP_WRITE chunk received from back-end server:
> type=SSH_FXP_WRITE, *id=141*] processing
> [16/09/21 09:18:27:545 CEST] 00005c15 id=00000000
> org.apache.sshd.sftp.server.SftpSubsystem 3 doWrite
> doWrite(ServerSessionImpl[DMZ/172.18.202.33/allfuser1@/10.6.6.22:34445])[*id=141*]
> SSH_FXP_WRITE
> (handle=c88cfd55dd514ccdd0428571191f5ea1[[/upload/rsa.key|https://issues.apache.org/upload/rsa.key]],
> *offset=0, data=byte[32704*])
> Now the back-end server complains about this data. The back-end server is
> expecting a chunk of data at offset=32704 and not offset = 0.
> java.io.IOException:
> position([/upload/rsa.key|https://issues.apache.org/upload/rsa.key]) *illegal
> file channel position, expected frsPosition: 32704, found: 0*
> This is a blocking error and causes the connection closing of the parts
> involved.
> ----------------------------------------------------------------------------------------------------------------------
> Full traces are attached to this jira.
>
> Questions and considerations.
> # Is this a known problem and is fixed in the latest release of Apache SSHD?
> # If this is a new problem can you suggest me how to fix it, or better
> troubleshoot it
> # Let me know if you need further info for troubleshooting
>
> Thanks in advance for your support
>
> Kind Regards
> Roberto Deandrea
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
